From 4dd8292a5bf32e5e93a1fbc3d3c16706012b6b44 Mon Sep 17 00:00:00 2001
From: Julien Malka <julien@malka.sh>
Date: Sat, 26 Oct 2024 04:12:46 +0200
Subject: [PATCH] fix: force certificate server for CA

---
 machines/core-security/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/machines/core-security/default.nix b/machines/core-security/default.nix
index d396826..bed3c65 100644
--- a/machines/core-security/default.nix
+++ b/machines/core-security/default.nix
@@ -118,7 +118,7 @@
     };
   };
 
-  security.acme.certs."ca.luj".server = "https://127.0.0.1:8444/acme/acme/directory";
+  security.acme.certs."ca.luj".server = lib.mkForce "https://127.0.0.1:8444/acme/acme/directory";
 
   systemd.services."step-ca".after = [ "keycloak.service" ];